The Javamex companion blog. This blog includes both technical articles relating to the programming information that you'll find on the Javamex site, plus information covering the IT industry more generally.

Some interesting findings emerging from their study (which relates to data from September 2013) for game developers include:

When considering the combined revenue from the App Store and Google Play, almost two thirds (63%) of games revenue comes from the Apple platform;

A single iOS device form factor (either iPhone or iPad) single handedly generates roughly the same amount of revenue as all devices on Google Play, according to these figures;

52% of apps in the App Store (namely games) are generating 79% of App Store revenue;

The share of revenue from games differs somewhat from country to country, going from 59% of App Store revenue in Germany to over 80% of App Store revenue in Taiwan, for example;

Not all app stores are equal in terms of revenue-generating genres: Apple players appear to generate more revenue in RPGs, compared to Arcade & Action games which are the predominant genre in terms of revenue on Google Play-- though it should be noted that on the Apple platform, there was more uniformity in the spread of revenue among genres.

One strong take-away message from the figures for developers and localisers appears to be: if your genre fits, do not neglect the Asian market!

Tuesday, October 22, 2013

Unless you've been sitting under a rock with a blindfold and ear muffs on, you will be aware that Apple today announced various updates to its hardware and software. Updates to the iPad were on the whole fairly predictable and represent more of a gradual improvement than a revolution as such: the iPad Mini now sports a retina display, and the 64-bit processor recently incorporated into the latest models of iPhone is now incorporated into the iPad. In what is becoming an ever so slightly obsessive preoccupation with this dimension, 20% is shaved off the iPad's thickness.

Interestingly, Apple have clearly made a conscious decision to diversify the iPad range in the mind of consumers. The latest crop has, for no obvious technical reason, had the spurious label "Air" attached to it. Despite Apple's mantra that the technological breakthroughs of the new generation are so colossally huge as to warrant this new branding, it's not clear that perceptually at least, the new iPad is anything more than a slight incremental upgrade. Even the CPU change has essentially been "bedded down" with the prior iPhone release. But in introducing this new label, Apple are effectively making a perceptual split between "Mini", (um....) "Normal" iPad 2 and "Air". This, combined with a price reduction in the existing iPad Mini to $299 (that's actually quite a lot of hardware for your buck!), may be an attempt to encourage new adopters with less deep pockets without making them feel they are opting for an 'inferior' version as such.

I'm not sure if, as rumoured, Apple are indeed intending to add a fingerprint sensor to the device at some stage. But I have to say that I find the case for needing to shave a couple of seconds off the login time less compelling than with a a phone, where several times a day, one typically needs to get the device out of one's pocket and quickly check something for a moment.

Anyway, now with this new, diversified range of iPads available, it will be interesting to see how adoption rates go of the various devices.

Saturday, October 19, 2013

In view of recent revelations on the tactics used by the NSA to undermine basic Internet infrastructure, the security of on-line messaging systems such as Apple's iMessage has come to the fore. As explained by cryptographer researcher Martin Green on his blog, such an application inevitably involves some kind of trade-off between usability and security. (As indeed do airports, e-mail, ...) The dangers are in a sense social rather than technical: as users, do we have sufficient information to assess the trade-offs being made, understand where their weaknesses or loopholes lie and remain aware of their consequences?

The iMessage system employs what is sometimes termed end-to-end encryption. In other words, asymmetric encryption by each participant in the conversation, and each participant knows how to encrypt data so that the other participant-- and only them-- knows how to decrypt the message once it reaches the other end. Some key weak points in such a system are then:

Is the encryption system secure in itself if perfectly implemented? We can usually assume this is the case. Where agencies such as the NSA have advocated a particular scheme, an assumption we have to make is that the NA etc haven't deliberately advocated use of a scheme that they secretly know how to break. This was more plausible a few decades ago when there were fewer independent security researchers. Nowadays, every mainstream encryption scheme used has been scrutinised to some degree or other by the cryptography community.

Is the encryption system actually properly implemented? There are a couple of sources of danger here: (a) mistakes made by programmers (implementing cryptography correctly is actually quite difficult), and (b) insecurities (e.g. weak key generation) deliberately introduced by a body such as the NSA enforcing or encouraging a particular implementation. In the case of a company with the programming resources of Apple, we can probably trust that (a) isn't a problem for the iMessage system itself, though Apple appear to have introduced a loophole in the form of backed up iMessages in iCloud. We now know that (b) is a problem with various other large companies such as Skype and major antivirus companies. As far as I'm aware, it's not yet clear whether Apple has also succumbed to this type of coercion.

How easily can the system be compromised on the local machine by a third party (or indeed the NSA etc) via a virus, etc? In the case of iMessage on a non-jailbroken device, since iOS is a relatively "locked down" system, we assume that the situation is better than average.

How easily can the key distribution system be compromised remotely? This basically boils down to: what opportunities are there for a "man in the middle" to persuade one of the participants in the conversation to encrypt messages using the public key of somebody other than the intended recipient? On this point, it has recently been reported that an Apple insider could do so, but I am not yet aware of any published report that this would be feasible for a third party outside Apple.

The latter weakness then becomes a social issue. For example: (a) do we trust Apple to have measures in place so that it is not feasible for a rogue employee to compromise the system? (b) if the NSA were to compel Apple to deliberately break their key distribution system in order to eavesdrop on messages, would they openly go through due legal process in order to do so?

The version of Java released to Mac OS this week fixes a number of security issues, including a fix to an issue that allowed security manager to be bypassed, allowing malicious apps on web pages to execute arbitrary code. Mac OS users are advised to apply the update as soon as possible!

Firstly, a small bug in Baker's Dozen has been found in the version included with the full Solitaire Whizz app: erroneously, the game allows you to move whole sequences from one column to another whereas only single cards should be moved.

Secondly, a new, free, app is shortly to be released. Klondike Solitaire Collection will feature Klondike plus the two variants Agnes and Whitehead. More details will be released shortly.